High-Performance Appliances

Appliance options

Platform Manager (PM): LogRhythm PM appliances provide alarming, notifications, case and security incident management, workflow automation, and centralized administration for a LogRhythm deployment. Each LogRhythm deployment has a single Platform Manager.

Data Processor (DP): LogRhythm DP appliances provide distributed and highly available processing of machine and forensic data. They receive machine and forensic data from collectors and forensic sensors, leveraging LogRhythm’s Machine Data Intelligence Fabric taxonomy to transform data into a structured and contextualized form. Processors archive data and distribute both the original copy and the structured copy to other LogRhythm components in support of indexing, machine-based analytics, and alarming.

Data Indexer (DX): LogRhythm DX appliances deliver distributed and highly scalable indexing of machine and forensic data. Indexers can be clustered to enable high availability and improved performance. Indexers store original raw data as well as structured data to enable structured and unstructured search-based analytics.

All-in-One (XM): LogRhythm XM appliances provide the functionality of the PM, DP, and DX appliances on a combined platform, as well as a fully portable AI Engine license. Many deployments begin with an XM configuration and are later combined with additional components to enable fault tolerance and increase capacity and performance of a LogRhythm deployment.

AI Engine (AIE): LogRhythm AI Engine appliances deliver highly scalable, patented machine analytics for advanced correlation and behavioral analysis, including automated behavioral, histogram, statistical and whitelist profiling. Multiple AI Engine nodes can be deployed in support of distributed analysis and workload scaling.

Network Monitor (NetMon): NetMon appliances offer full visibility into network traffic, identifying applications via deep packet inspection, providing real-time unstructured search access to all metadata and packet captures. NetMon can also forward Layer 7 SmartFlow™ to the SIEM or other solutions for additional analysis.

Data Collector (DC): LogRhythm’s optional DC appliances collect log, flow, and machine data for secure transport from remote locations to LogRhythm DCs and can encrypt and compress data prior to transport.

High availability and disaster recovery

LogRhythm appliances are built with onboard redundancy for maximum fault tolerance. LogRhythm’s flexible High Availability and Disaster Recovery solutions can be tailored to meet the specific requirements of any organization. LogRhythm’s optional, integrated agents are configurable to failover to secondary and tertiary data processors, allowing for uninterrupted collection of data in the event a data processor is unavailable.

LogRhythm appliance specifications

LogRhythm’s quick and easy installation, combined with flexible expansion capabilities provide a rapid time to value. Most commonly delivered via high-performance appliances with a building block approach to architecture maximizes deployment flexibility and scalability. Whether you are expanding to meet growing enterprise-wide needs, or you have short-term compliance requirement and intend to expand the scope of your deployment later, LogRhythm can quickly and simply scale by adding additional appliances.